Security News

NTML credentials can be stolen via malicious Portable Document Format (PDF) files without any user interaction, Check Point security researchers warn. read more

Default configuration of WD’s My Cloud storage device keeps port open for unprivileged data exfiltration within a network.

Essential Internet Infrastructure - DNS, BGP - Remains Vulnerable, Experts WarnAn attack spoofed internet routing information, resulting in anyone who visited MyEtherWallet.com - a free, open...

Anyone could have drained their users' LinkedIn profile data

LinkedIn's AutoFill button is supposed to only work on approved websites, but any website could have tricked users into providing personal data with just one click anywhere on their screen.

Threatpost's Tom Spring talked to Roman Unuchek, senior malware analyst at Kaspersky Lab, about his discoveries this week at the RSA Conference.

Private intelligence gathering firm LocalBlox leaked data on 48 million users that was scraped from Facebook, LinkedIn, Zillow and other sites.

Popular mobile applications that use third-party, ready-to-go advertising Software Development Kits (SDKs) expose user data by transmitting it over the insecure HTTP protocol, Kaspersky Lab warns....

Mobile apps leak personal data via insecure ads that transmit ad-targeting data insecurely.

Facebook pays millions of dollars every year to researchers and bug hunters to stamp out security holes in its products and infrastructure, but following Cambridge Analytica scandal, the company...